Scientific Linux Security Update : thunderbird on SL6.x i386/x86_64 (20180725)

This update upgrades Thunderbird to version 52.9.1. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 CVE-2018-5188 - Mozilla: Buffer overflow using computed size of canvas element CVE-2018-12359 - Mozilla: Use-after-free using focus...

thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails

Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird 52.9...

DEBIAN-CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

PoshC2

!PoshC2 Logohttps://raw.githubusercontent.com/nettitude/PoshC...

git-annex information disclosure vulnerability

git-annex is a distributed file synchronization system. An information disclosure vulnerability exists in git-annex. An attacker can exploit this vulnerability to disclose encrypted data via a malicious server...

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

Information disclosure

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

DEBIAN-CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

UBUNTU-CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

Debian DLA-1425-1 : thunderbird security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails. For Debian 8 'Jessie', these problems have been fixed in version 1:52.9.1-1deb8u1. We recommend that you upgrade your thunderbird packages...

Debian DSA-4244-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

Debian: Security Advisory (DLA-1425-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1425-1] thunderbird security update

Package : thunderbird Version : 1:52.9.1-1deb8u1 CVE ID : CVE-2018-5188 CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365 CVE-2018-12366 CVE-2018-12372 CVE-2018-12373 CVE-2018-12374 Multiple security issues have been found in Thunderbird, which may lead to...

[SECURITY] [DSA 4244-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4244-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 13, 2018 https://www.debian.org/security/faq -...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-3714-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3714-1 advisory. Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a...

USN-3714-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary...

SSE-C Cryptographic Flaw

github.com/minio/minio is vulnerable to cryptographic flaws. The vulnerability exists as there is a weakness in the derived key-encryption-key for SSE-C encrypted objects. The vulnerability allows malicious users to replace objects that are encrypted with the same client key as it was not bound t...

Debian: Security Advisory (DSA-4244-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...